Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/X2CrNfujMUDaA2i1a7mgtpMdDRs.roa
File: X2CrNfujMUDaA2i1a7mgtpMdDRs.roa (raw, json)
Hash identifier: No/ty9CpltlTFi0Ofb6x6/FgIfHfrT7g4SfpGTwSUlQ=
Subject key identifier: 5F:60:AB:35:FB:A3:31:40:DA:03:68:B5:6B:B9:A0:B6:93:1D:0D:1B
Certificate issuer: /CN=96b377644e414101db6dead0eb5821063f588e8c
Certificate serial: 018CCA2BC980328DF47551DE493E6774E287
Authority key identifier: 96:B3:77:64:4E:41:41:01:DB:6D:EA:D0:EB:58:21:06:3F:58:8E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/X2CrNfujMUDaA2i1a7mgtpMdDRs.roa
Signing time: Tue 02 Jan 2024 12:35:16 +0000
ROA not before: Tue 02 Jan 2024 12:35:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43006
IP address blocks: 2a10:3200::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 May 2024 11:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:c9:80:32:8d:f4:75:51:de:49:3e:67:74:e2:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b377644e414101db6dead0eb5821063f588e8c
Validity
Not Before: Jan 2 12:35:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f60ab35fba33140da0368b56bb9a0b6931d0d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:27:a6:88:73:54:e7:7e:e6:c4:59:8b:31:d1:
08:8e:be:f1:d1:aa:5f:19:25:1d:a4:ca:60:bd:17:
97:08:2a:16:ef:b5:06:a0:65:22:07:4e:e9:9a:67:
06:9f:b9:a7:a8:61:95:4f:35:f3:ed:4b:49:63:06:
35:90:c8:69:e1:b3:83:21:96:4a:a0:46:65:f1:5a:
d7:9b:f2:89:57:75:5e:69:b6:b8:ce:2c:ab:b5:34:
79:38:6c:40:08:1a:d4:e2:7a:92:d0:33:8a:37:93:
bc:ec:1d:ae:bf:b8:dc:7b:46:61:80:0e:9c:fe:98:
26:39:2f:c9:25:c4:c8:fc:48:8d:df:ba:98:e5:45:
8c:b7:25:ee:d3:fb:f9:9c:74:53:19:6b:13:a2:9a:
89:d2:b7:d7:77:4e:ba:fc:bf:19:c5:56:00:34:7a:
04:28:a7:12:26:8d:31:2e:65:50:51:33:1a:cb:3e:
31:2e:f7:41:5e:b5:ab:0f:0a:41:e3:9d:e2:1f:44:
c5:2d:79:ff:7f:ac:ab:7b:91:e6:2b:e1:23:7f:dc:
87:e2:e8:46:2d:97:8e:3f:ab:30:31:dd:05:25:0b:
f3:d6:86:15:30:96:87:96:6d:1b:1c:da:d5:2b:f0:
c2:e8:fd:f0:32:65:2b:94:49:eb:e0:18:60:22:71:
52:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:60:AB:35:FB:A3:31:40:DA:03:68:B5:6B:B9:A0:B6:93:1D:0D:1B
X509v3 Authority Key Identifier:
keyid:96:B3:77:64:4E:41:41:01:DB:6D:EA:D0:EB:58:21:06:3F:58:8E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/X2CrNfujMUDaA2i1a7mgtpMdDRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/lrN3ZE5BQQHbberQ61ghBj9Yjow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3200::/32
Signature Algorithm: sha256WithRSAEncryption
9b:dd:41:50:c2:23:de:02:f1:f0:07:87:89:c7:f7:1f:54:08:
57:3a:60:18:b2:0a:77:6a:7b:e1:e1:5f:5a:ef:91:f1:1f:83:
05:17:2c:1d:51:6d:4a:b5:6b:23:e8:81:20:9c:18:67:ac:e4:
89:52:49:75:35:89:a3:85:5f:c5:0e:fb:40:f1:80:64:b0:9b:
40:84:3b:ef:4b:c9:88:03:ad:6b:84:26:93:d1:9a:e4:08:c0:
86:9f:43:56:f1:5c:0f:5c:91:3c:65:49:40:a6:fb:98:78:d9:
5e:ce:7e:16:54:7a:37:cf:20:28:40:c1:d2:cd:f9:48:bf:ee:
3d:3e:1d:01:09:42:fb:3b:3b:08:6a:42:cf:8b:32:6c:5b:4c:
86:1e:ca:d9:0f:c8:d0:47:11:d5:46:1e:d3:49:93:6b:79:a2:
4e:f0:55:02:ab:95:6c:49:f9:79:76:e8:85:7d:c9:b9:af:e7:
c0:7d:74:c4:12:ca:7c:75:88:e6:e5:b7:12:3e:46:46:a4:f2:
a0:61:53:e7:a6:0a:6a:b1:56:7c:c2:17:8c:1b:8b:34:0a:62:
25:75:b9:1b:24:c4:57:1f:5a:dd:34:6b:f7:04:d5:3a:f3:2c:
99:e9:97:83:96:05:ab:26:f4:21:87:9f:94:dc:16:fa:63:30:
55:5e:dc:42
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKK8mAMo30dVHeST5ndOKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjM3NzY0NGU0MTQxMDFkYjZkZWFkMGViNTgyMTA2M2Y1
ODhlOGMwHhcNMjQwMTAyMTIzNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjYwYWIzNWZiYTMzMTQwZGEwMzY4YjU2YmI5YTBiNjkzMWQwZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCemiHNU537mxFmLMdEIjr7x0apf
GSUdpMpgvReXCCoW77UGoGUiB07pmmcGn7mnqGGVTzXz7UtJYwY1kMhp4bODIZZK
oEZl8VrXm/KJV3Veaba4ziyrtTR5OGxACBrU4nqS0DOKN5O87B2uv7jce0ZhgA6c
/pgmOS/JJcTI/EiN37qY5UWMtyXu0/v5nHRTGWsTopqJ0rfXd066/L8ZxVYANHoE
KKcSJo0xLmVQUTMayz4xLvdBXrWrDwpB453iH0TFLXn/f6yre5HmK+Ejf9yH4uhG
LZeOP6swMd0FJQvz1oYVMJaHlm0bHNrVK/DC6P3wMmUrlEnr4BhgInFStwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF9gqzX7ozFA2gNotWu5oLaTHQ0bMB8GA1UdIwQY
MBaAFJazd2ROQUEB223q0OtYIQY/WI6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJOM1pFNUJRUUhiYmVyUTYxZ2hCajlZam93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OWU0ZTItYjhhYi00ODE0LTkzYzEt
MjhlNmM1YmEyZWFlLzEvWDJDck5mdWpNVURhQTJpMWE3bWd0cE1kRFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OWU0ZTItYjhhYi00ODE0LTkzYzEtMjhlNmM1YmEyZWFl
LzEvbHJOM1pFNUJRUUhiYmVyUTYxZ2hCajlZam93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhAyADAN
BgkqhkiG9w0BAQsFAAOCAQEAm91BUMIj3gLx8AeHicf3H1QIVzpgGLIKd2p74eFf
Wu+R8R+DBRcsHVFtSrVrI+iBIJwYZ6zkiVJJdTWJo4VfxQ77QPGAZLCbQIQ770vJ
iAOta4Qmk9Ga5AjAhp9DVvFcD1yRPGVJQKb7mHjZXs5+FlR6N88gKEDB0s35SL/u
PT4dAQlC+zs7CGpCz4sybFtMhh7K2Q/I0EcR1UYe00mTa3miTvBVAquVbEn5eXbo
hX3Jua/nwH10xBLKfHWI5uW3Ej5GRqTyoGFT56YKarFWfMIXjBuLNApiJXW5GyTE
Vx9a3TRr9wTVOvMsmemXg5YFqyb0IYeflNwW+mMwVV7cQg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:51 2025 by rpki-client